Bitcoin Forum
Topic: New Address Message Validation / Expose Public Key via GUI
bytemaster (OP)
August 29, 2012, 02:16:36 AM
 #1

I want to create a service that gives credibility to users based upon a balance they maintain in a specific BTC address. Namely, I don't want to require users to deposit money with me, I just need to prove that they 'own' BTC somewhere.

I would ask users to 'create a new address' and then sign "Map address XXXX to account USERNAME". 

In order for this process to work, I need the user to provide me both the PUBLIC KEY and the SIGNATURE because until they spend money from that address, I have no way of getting the public key from the network and therefore am unable to validate the message.

Unfortunately, the GUI only gives me the signature.   

I could add the 'public key' as an additional field and submit a pull request, but would like to know if there is any reason why the GUI does not expose the public key?


https://fractally.com - the next generation of decentralized autonomous organizations (DAOs).
gmaxwell
August 29, 2012, 02:21:08 AM
 #2

Quote
> In order for this process to work, I need the user to provide me both the PUBLIC KEY and the SIGNATURE because until they spend money from that address, I have no way of getting the public key from the network and therefore am unable to validate the message.
> Unfortunately, the GUI only gives me the signature.
> I could add the 'public key' as an additional field and submit a pull request, but would like to know if there is any reason why the GUI does not expose the public key?

You do not need the public key.
You only need to know the signature, the message being signed, and the address that you're going to compare it to.
bytemaster (OP)
August 29, 2012, 02:24:18 AM
 #3

It was my understanding that until coins are spent from an address the public key does not exist in the block chain. 

If the public key is published upon receiving money to an address, then I could see it working for any address with non-0 balance.

DeathAndTaxes
August 29, 2012, 02:27:50 AM
 #4

Quote
> Quote
> > In order for this process to work, I need the user to provide me both the PUBLIC KEY and the SIGNATURE because until they spend money from that address, I have no way of getting the public key from the network and therefore am unable to validate the message.
> > Unfortunately, the GUI only gives me the signature.
> > I could add the 'public key' as an additional field and submit a pull request, but would like to know if there is any reason why the GUI does not expose the public key?
>
> You do not need the public key.
> You only need to know the signature, the message being signed, and the address that you're going to compare it to.

Since it is signed with the private key, wouldn't he need to know the public key?

If the address has been used as an input for a tx the public key can be located in the blockchain, but the public key is still needed, right?

If the address has not been used as an input for a tx the public key is not available in the blockchain.
gmaxwell
August 29, 2012, 03:05:43 AM
 #5

Quote
> Since it is signed with the private key wouldn't he need to know the public key?

No. Or rather he'll compute it with the information he already has.

Quote
> If the address has been used as an input for a tx the public key can be located in the blockchain but the public key is still needed right?

Yes, it can. But no, it is not needed in any case.

Quote
> IF the address has not been used as an input for a tx the public key is not available in the blockchain.

Correct, but irrelevant. You do not need the public key to validate the signature.

This is because Bitcoin uses public key recovery.

F'king MATHEMATICS. HOW DOES IT WORK?

With only the message and the signature, Bitcoin recovers the public key mathematically (technically two more bits are required than the signature, but our signatures include those two bits). The blockchain is not used. Bitcoin then hashes the recovered public key to get the address. The address is then compared to the address you provide. The public key is not only not required, the verification interface doesn't even give you a place to provide it.
DeathAndTaxes
August 29, 2012, 04:07:21 AM
 #6

Thanks gmaxwell. We really need a "Bitcoin compendium". I learn something new every day (OK, at least once a week).
bytemaster (OP)
August 29, 2012, 04:23:43 AM
 #7

Quote
> The public key is not only not required, the verification interface doesn't even give you a place to provide it.

I got the idea that I needed the public key from an outmoded json-rpc interface...
I had no idea that you could recover the public key from the signature and 2 other bits of info... that is cool, thanks for sharing!

Unfortunately, I think my whole plan is fundamentally flawed, as the bitcoin client gives very little control over which addresses are used when spending, which, combined with the fact that every spend 'spends all' of an address, means that users would have to do a lot of work to use my system.
 

gmaxwell
August 29, 2012, 04:28:12 AM
 #8

Quote
> Unfortunately, I think my whole plan is fundamentally flawed, as the bitcoin client gives very little control over which addresses are used when spending, which, combined with the fact that every spend 'spends all' of an address, means that users would have to do a lot of work to use my system.

I'm very interested in being able to freeze specified addresses so that they won't be used for spending. But I (and, apparently, no one else) had time to work on it before 0.7's release. I'm not sure when I'll have time to work on it.

If you'd like to work on it, it would be helpful. If you decide to do so, you should start with an RPC interface because the RPC/CLI/GUI-Console is generally the starting point for advanced features.
cbeast
August 29, 2012, 03:09:45 PM
 #9

Quote
> F'king MATHEMATICS. HOW DOES IT WORK?

I'm taking that online crypto class. I'm getting a better perspective on ideas such as the ones proposed in this thread. Crypto isn't quite as intuitive as it seems sometimes.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.